﻿using System;
using System.Collections.Generic;
using System.Data.OleDb;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class admin_add_root : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        string usr = (string)Session["usr"];
        if (usr == null)
        {
            Response.Write("<script>alert('请返回到登录界面登录！!');window.open('login.aspx','_parent')</script>");
            Session.Clear();
        }

        else
        {
            string strConnection = "Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=|DataDirectory|\\web.mdb";
            OleDbConnection objConnection = new OleDbConnection(strConnection);
            objConnection.Open();
            string sql = "select * from login where usr='" + usr + "'";
            OleDbCommand cmd = new OleDbCommand(sql, objConnection);
            OleDbDataReader reader = cmd.ExecuteReader();
            if (reader.Read())
            {

                string leader = reader["lead"].ToString();
                if (leader != "超级管理员")
                {
                    Response.Write("<script>alert('对不起，你没有访问此页面的权限!');window.location.href ='right.aspx'</script>");
                }
                else
                    ;
            }

        }
    }   
     bool f; 
    protected void Button1_Click1(object sender, EventArgs e)
    {
        string strConnection = "Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=|DataDirectory|\\web.mdb";
        OleDbConnection objConnection = new OleDbConnection(strConnection);
        objConnection.Open();
        string sql = "select * from login where usr=@usr";
        OleDbCommand cmd = new OleDbCommand(sql, objConnection);
        cmd.Parameters.Add("@usr", OleDbType.Char, 10);
        cmd.Parameters["@usr"].Value = this.TextBox1.Text;
        OleDbDataReader reader = cmd.ExecuteReader();
        if (reader.Read())//从数据库读取用户信息
        {

            string Username;
            string Password;
            Username = reader["usr"].ToString();
            Password = reader["passwd"].ToString();
            if (Username.Trim() == TextBox1.Text)
            {
                f = true;
            }
            reader.Close();
            objConnection.Close();
        }
        if (f == true)
        {
            Response.Write("<script>alert('帐号已经存在!')</script>");
            TextBox1.Text = ""; TextBox2.Text = ""; TextBox3.Text = "";
            return;
        }//正确！
        else if (TextBox2.Text.Trim() != TextBox3.Text.Trim())
        {
            Response.Write("<script>alert('俩次输入密码不一样，请重新输入！！')</script>");
            return;
        }
        else if (TextBox1.Text.Trim() == "" || TextBox2.Text.Trim() == "")
        {
            Response.Write("<script>alert('用户名或者密码不能为空')</script>");
            return;
        }
        else
        {
            string str1 = "Provider=Microsoft.Jet.OleDb.4.0 ;Data Source=|DataDirectory|\\web.mdb";
            OleDbConnection obj = new OleDbConnection(str1);
            obj.Open();
            string Str1 = "insert into login(usr,passwd,lead) values ( '" + TextBox1.Text.Trim() + "','" + TextBox2.Text.Trim() + "','普通管理员')";
            OleDbCommand cm = new OleDbCommand(Str1, obj);
            Response.Write("<script>alert('添加成功!')</script>");
            cm.ExecuteNonQuery();
            obj.Close();
            TextBox1.Text = "";
            TextBox2.Text = "";
            TextBox3.Text = "";
        }
        Response.AddHeader("Refresh", "0"); 
    }
}
